Tuesday, 25 June 2013

How to Secure Rest Services in Mule 3

Secure Rest Services in Mule 3 using HTTPS Endpoint :

Creating rest services using mule is very easy . You can take help from this post.Now to make your service secure we can configure HTTPS end point . This is how you configure HTTPS endpoint in mule :

First , generate a keystore using keygen tool , and then put the keystore file in your mule-app classpath.you can take help from this post on how to generate keystore using java. Here is , how the mule xml file will look like :
<?xml version="1.0" encoding="UTF-8"?>

<mule xmlns:jersey="http://www.mulesoft.org/schema/mule/jersey" xmlns:https="http://www.mulesoft.org/schema/mule/https"
 xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:spring="http://www.springframework.org/schema/beans" version="EE-3.3.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/https http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd 
http://www.mulesoft.org/schema/mule/jersey http://www.mulesoft.org/schema/mule/jersey/current/mule-jersey.xsd 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd 
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd ">


<https:connector name="httpsConnector" doc:name="HTTP\HTTPS">
     <https:tls-key-store path="keystore.jks" keyPassword="changeit" storePassword="changeit"/>
 </https:connector>
    <flow name="httpsRestServiceExampleFlow1" doc:name="httpsRestServiceExampleFlow1">
        <https:inbound-endpoint exchange-pattern="request-response" host="localhost" port="8082" connector-ref="httpsConnector" doc:name="HTTP"/>
        <jersey:resources doc:name="REST">
            <component class="RestService"/>
        </jersey:resources>
    </flow>


</mule>
Secure Rest Services in Mule 3 using Basic Authentication:

To enable basic authentication in mule app , we need to configure spring security in mule like this :
<?xml version="1.0" encoding="UTF-8"?>

<mule xmlns:jersey="http://www.mulesoft.org/schema/mule/jersey"
 xmlns:vm="http://www.mulesoft.org/schema/mule/vm" xmlns:https="http://www.mulesoft.org/schema/mule/https"
 xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:servlet="http://www.mulesoft.org/schema/mule/servlet"
 xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
 xmlns:spring="http://www.springframework.org/schema/beans"
 xmlns:context="http://www.springframework.org/schema/context"
 xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
 xmlns:ss="http://www.springframework.org/schema/security" version="CE-3.3.1"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd 
http://www.mulesoft.org/schema/mule/jersey http://www.mulesoft.org/schema/mule/jersey/current/mule-jersey.xsd 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd 
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd 
http://www.mulesoft.org/schema/mule/vm http://www.mulesoft.org/schema/mule/vm/current/mule-vm.xsd 
http://www.mulesoft.org/schema/mule/https http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd 
http://www.mulesoft.org/schema/mule/servlet http://www.mulesoft.org/schema/mule/servlet/current/mule-servlet.xsd 
http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/current/mule-spring-security.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
 http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">

 <mule-ss:security-manager>
  <mule-ss:delegate-security-provider
   name="httpBasicAuth" delegate-ref="authenticationManager" />
 </mule-ss:security-manager>
 <spring:beans>
  <ss:authentication-manager alias="authenticationManager">
   <ss:authentication-provider>
    <ss:user-service id="userService">
     <ss:user name="admin" password="admin" 
     authorities="ROLE_ADMIN" />
    </ss:user-service>
   </ss:authentication-provider>
  </ss:authentication-manager>
 </spring:beans>
 <flow name="httpsRestServiceExampleFlow1" doc:name="httpsRestServiceExampleFlow1">
  <http:inbound-endpoint exchange-pattern="request-response"
   host="localhost" port="9595" doc:name="HTTP">
   <mule-ss:http-security-filter realm="mule-realm"
    securityProviders="httpBasicAuth" />
  </http:inbound-endpoint>
  <jersey:resources doc:name="REST">
   <component doc:name="Rest Service">
    <spring-object bean="restService" />
   </component>
  </jersey:resources>
 </flow>
</mule>
First we created authentication manager in spring beans , and then used it in mule security manager , and mule security manager is then used in end point configuration.



Post your comments and suggestions !!